GeneralInformation

Hostnames	brocatv.com www.brocatv.com
Domains	brocatv.com
Country	Argentina
City	Brinkmann
Organization	Coop. de Servicios Públicos de Morteros Ltda.
ISP	Coop. de Obras y Serv. Públicos de Brinkmann
ASN	AS52430

WebTechnologies

Analytics

Site Kit1.147.0

Google Analytics

Blogs

WordPress

CDN

Cloudflare

cdnjs

jsDelivr

CMS

WordPress

Databases

MySQL

JavaScript libraries

jQuery3.2.1

jQuery Migrate3.4.1

Slick

Marketing automation

Poptin

Miscellaneous

Popper2.11.8

Programming languages

PHP

SEO

Yoast SEO24.6

Tag managers

Google Tag Manager

UI frameworks

Bootstrap5.3.2

Widgets

AddToAny

WordPress plugins

AddToAny Share Buttons1.1

Site Kit1.147.0

Yoast SEO24.6

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024(9)

CVE-2024-40898

7.5SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue.

CVE-2024-38477

7.5null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users are recommended to upgrade to version 2.4.60, which fixes this issue.

CVE-2024-38476

9.8Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue.

CVE-2024-38474

9.8Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Users are recommended to upgrade to version 2.4.60, which fixes this issue. Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag "UnsafeAllow3F" is specified.

CVE-2024-27316

7.5HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.

CVE-2024-22201

7.5Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The vulnerability is patched in 9.4.54, 10.0.20, 11.0.20, and 12.0.6.

CVE-2024-8184

5.9There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory.

CVE-2024-6763

3.7Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing. The HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI differs from the common browsers in how it handles a URI that would be considered invalid if fully validated against the RRC. Specifically HttpURI and the browser may differ on the value of the host extracted from an invalid URI and thus a combination of Jetty and a vulnerable browser may be vulnerable to a open redirect attack or to a SSRF attack if the URI is used after passing validation checks.

CVE-2024-6762

3.1Jetty PushSessionCacheFilter can be exploited by unauthenticated users to launch remote DoS attacks by exhausting the server’s memory.

2023(11)

CVE-2023-45802

5.9When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that. This was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During "normal" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out. Users are recommended to upgrade to version 2.4.58, which fixes the issue.

CVE-2023-44487

7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

CVE-2023-41900

3.5Jetty is a Java based web server and servlet engine. Versions 9.4.21 through 9.4.51, 10.0.15, and 11.0.15 are vulnerable to weak authentication. If a Jetty `OpenIdAuthenticator` uses the optional nested `LoginService`, and that `LoginService` decides to revoke an already authenticated user, then the current request will still treat the user as authenticated. The authentication is then cleared from the session and subsequent requests will not be treated as authenticated. So a request on a previously authenticated session could be allowed to bypass authentication after it had been rejected by the `LoginService`. This impacts usages of the jetty-openid which have configured a nested `LoginService` and where that `LoginService` will is capable of rejecting previously authenticated users. Versions 9.4.52, 10.0.16, and 11.0.16 have a patch for this issue.

CVE-2023-40167

5.3Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the `+` character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. Versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1 contain a patch for this issue. There is no workaround as there is no known exploit scenario.

CVE-2023-36479

3.5Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project. Users of the CgiServlet with a very specific command structure may have the wrong command executed. If a user sends a request to a org.eclipse.jetty.servlets.CGI Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. This issue was patched in version 9.4.52, 10.0.16, 11.0.16 and 12.0.0-beta2.

CVE-2023-36478

7.5Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. `MetaDataBuilder.java` determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded. However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and length will become negative. `(_size+length)` will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. Users of HTTP/2 can be impacted by a remote denial of service attack. The issue has been fixed in versions 11.0.16, 10.0.16, and 9.4.53. There are no known workarounds.

CVE-2023-31122

7.5Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.

CVE-2023-27522

7.5HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special characters in the origin response header can truncate/split the response forwarded to the client.

CVE-2023-26049

2.4Jetty is a java based web server and servlet engine. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE="b; JSESSIONID=1337; c=d"` will be parsed as one cookie, with the name DISPLAY_LANGUAGE and a value of b; JSESSIONID=1337; c=d instead of 3 separate cookies. This has security implications because if, say, JSESSIONID is an HttpOnly cookie, and the DISPLAY_LANGUAGE cookie value is rendered on the page, an attacker can smuggle the JSESSIONID cookie into the DISPLAY_LANGUAGE cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server or its logging system. This issue has been addressed in versions 9.4.51, 10.0.14, 11.0.14, and 12.0.0.beta0 and users are advised to upgrade. There are no known workarounds for this issue.

CVE-2023-26048

5.3Jetty is a java based web server and servlet engine. In affected versions servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. This issue has been patched in versions 9.4.51, 10.0.14, and 11.0.14. Users are advised to upgrade. Users unable to upgrade may set the multipart parameter `maxRequestSize` which must be set to a non-negative value, so the whole multipart content is limited (although still read into memory).

CVE-2023-25690

9.8Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution. For example, something like: RewriteEngine on RewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1"; [P] ProxyPassReverse /here/ http://example.com:8080/ Request splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.

2022(16)

CVE-2022-37436

5.3Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.

CVE-2022-36760

9.0Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions.

CVE-2022-31813

9.8Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.

CVE-2022-30556

7.5Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.

CVE-2022-29404

7.5In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.

CVE-2022-28615

9.1Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected.

CVE-2022-28614

5.3The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the 'ap_rputs' function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue.

CVE-2022-28330

5.3Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the mod_isapi module.

CVE-2022-26377

7.5Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions.

CVE-2022-23943

9.8Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions.

CVE-2022-22721

9.1If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.

CVE-2022-22720

9.8Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling

CVE-2022-22719

7.5A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier.

CVE-2022-2191

7.5In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, SslConnection does not release ByteBuffers from configured ByteBufferPool in case of error code paths.

CVE-2022-2048

7.5In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests.

CVE-2022-2047

2.7In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This can lead to failures in a Proxy scenario.

2020(2)

CVE-2020-11023

6.9In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

CVE-2020-11022

6.9In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

2019(1)

CVE-2019-11358

6.1jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

2013(4)

CVE-2013-4365

7.5Heap-based buffer overflow in the fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors.

CVE-2013-2765

5.0The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.

CVE-2013-0942

4.3Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Agent 7.1 before 7.1.1 for Web for Internet Information Services, and 7.1 before 7.1.1 for Web for Apache, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2013-0941

2.1EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA Agent before 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key for maintaining the stored data of the node secret for the SecurID Authentication API, which allows local users to obtain sensitive information via cryptographic attacks on this data.

2012(3)

CVE-2012-4360

4.3Cross-site scripting (XSS) vulnerability in the mod_pagespeed module 0.10.19.1 through 0.10.22.4 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2012-4001

5.0The mod_pagespeed module before 0.10.22.6 for the Apache HTTP Server does not properly verify its host name, which allows remote attackers to trigger HTTP requests to arbitrary hosts via unspecified vectors, as demonstrated by requests to intranet servers.

CVE-2012-3526

5.0The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote attackers to cause a denial of service (server or application crash) via multiple X-Forwarded-For headers in a request.

2011(2)

CVE-2011-2688

7.5SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.

CVE-2011-1176

4.3The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process.

2009(2)

CVE-2009-2299

5.0The Artofdefence Hyperguard Web Application Firewall (WAF) module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via an HTTP request with a large Content-Length value but no POST data.

CVE-2009-0796

2.6Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Status and Apache2::Status in mod_perl1 and mod_perl2 for the Apache HTTP Server, when /perl-status is accessible, allows remote attackers to inject arbitrary web script or HTML via the URI.

2007(1)

CVE-2007-4723

7.5Directory traversal vulnerability in Ragnarok Online Control Panel 4.3.4a, when the Apache HTTP Server is used, allows remote attackers to bypass authentication via directory traversal sequences in a URI that ends with the name of a publicly available page, as demonstrated by a "/...../" sequence and an account_manage.php/login.php final component for reaching the protected account_manage.php page.

2006(1)

CVE-2006-20001

7.5A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier.

OpenPorts

99 443 3306 5001 5002 5119 8080 8081 8082 8089 8443 9000 9600 9998 9999 10000 30000 33060

99 / tcp

1410093119 | 2025-03-22T11:34:49.245583

Hashes

hash

-1741814699

http.dom_hash

1804521491

http.html_hash

1410093119

http.server_hash

-675031582

http.title_hash

-22151114

Apache2 Ubuntu Default Page: It works

HTTP/1.1 200 OK
Date: Sat, 22 Mar 2025 11:35:08 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Wed, 28 Sep 2022 23:55:28 GMT
ETag: "29af-5e9c57ecd4e44"
Accept-Ranges: bytes
Content-Length: 10671
Vary: Accept-Encoding
Content-Type: text/html

443 / tcp

498353573 | 2025-03-21T10:30:27.143760

Hashes

hash

-823656603

http.dom_hash

669958290

http.favicon.hash

593250406

http.html_hash

498353573

http.robots_hash

138161667

http.server_hash

-675031582

http.title_hash

-307784016

Bienvenidos - brocatv

HTTP/1.1 200 OK
Date: Fri, 21 Mar 2025 10:30:26 GMT
Server: Apache/2.4.52 (Ubuntu)
Vary: accept,content-type,Accept-Encoding
Link: <https://brocatv.com/wp-json/>; rel="https://api.w.org/"
Link: <https://brocatv.com/wp-json/wp/v2/pages/300>; rel="alternate"; title="JSON"; type="application/json"
Link: <https://brocatv.com/>; rel=shortlink
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:07:07:7c:99:5f:8c:3d:a9:25:70:33:87:c7:24:5b
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
        Validity
            Not Before: Apr  9 00:00:00 2024 GMT
            Not After : Apr  9 23:59:59 2025 GMT
        Subject: CN=brocatv.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c6:b4:80:b4:10:07:7c:c8:bf:ac:35:61:61:0a:
                    6c:49:ec:82:ae:d4:1e:18:1d:e1:e6:20:44:9a:f8:
                    e8:e8:6e:27:4c:74:b9:b1:99:a7:01:9e:3f:76:c2:
                    03:4e:f2:19:d9:98:ba:88:42:42:2f:01:bd:e7:66:
                    7f:bb:54:f2:70:b1:cd:37:8e:d5:f7:e0:3a:91:8d:
                    f3:34:dc:28:59:f8:ce:8f:0a:08:56:13:37:e0:9c:
                    ee:78:2e:2c:bd:93:b6:58:c3:33:3b:8d:ba:a1:79:
                    8f:71:54:ec:30:d1:fa:6b:1e:5b:78:d6:d4:0a:66:
                    6f:5f:41:62:49:4b:fd:49:e5:65:39:52:a1:4c:85:
                    e3:bc:b4:ae:c1:0d:6d:50:52:4b:f4:65:0f:c5:c3:
                    01:71:89:ee:45:34:88:eb:3a:98:a3:4c:e9:7a:60:
                    c9:8d:0d:42:a5:6a:52:68:3b:e6:d3:d5:dd:7d:84:
                    92:4e:4d:39:34:d7:df:16:b6:ba:e4:86:58:4b:a3:
                    90:17:16:d7:05:32:82:19:e2:28:43:1a:99:97:66:
                    29:1c:27:7d:e3:36:94:98:55:2c:18:16:7a:1e:42:
                    38:98:9e:30:f1:51:38:77:70:79:02:a6:bd:18:f2:
                    38:5a:11:84:5e:ae:33:21:51:e7:f8:ac:68:8a:77:
                    bb:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
            X509v3 Subject Key Identifier: 
                D4:2F:EB:EF:23:ED:68:CA:9B:27:A3:B8:FE:30:20:EA:5A:64:43:7E
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.7
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:brocatv.com, DNS:www.brocatv.com
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Apr  9 20:45:10.569 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:93:6D:24:65:6F:8D:4C:83:C5:79:66:
                                56:DE:5C:58:52:95:BF:F6:A8:BE:69:E4:6E:E5:2D:CF:
                                0A:04:39:6B:A6:02:20:72:F4:C1:35:C6:99:74:3D:8E:
                                F2:7F:7E:18:7C:03:16:B7:DB:EB:93:21:7B:5F:2F:06:
                                B8:BD:A9:5C:E4:30:A7
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Apr  9 20:45:10.448 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:0F:06:19:5E:83:0B:69:9E:26:F5:50:7E:
                                4D:C9:8D:41:CF:59:68:FB:CC:AA:9F:E3:A3:8B:F8:A3:
                                71:F2:43:E7:02:20:16:C7:70:F2:EE:1A:B5:93:E9:DD:
                                20:84:82:8B:0C:C9:51:C2:23:C0:8F:1A:00:79:A6:2A:
                                76:3E:AB:9A:9F:29
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Apr  9 20:45:10.447 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:59:78:9A:4A:63:DF:8D:60:3D:2F:34:12:
                                B3:99:41:26:97:B1:98:47:D1:ED:90:7D:EE:5E:EA:C6:
                                FC:62:5E:58:02:20:1F:4C:DA:9D:E6:90:6F:E0:7F:AD:
                                CA:E5:A0:0B:8F:54:8E:D4:32:AD:96:75:29:77:1E:69:
                                F4:BE:CF:67:78:02
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        2d:45:74:53:ea:2d:82:40:73:27:58:28:88:ce:ac:62:11:3b:
        b4:f9:61:f6:81:7c:66:33:24:e9:6c:dc:3d:15:b7:e0:19:48:
        3d:a9:c0:4d:ec:cf:bd:2a:fe:8c:d3:69:c8:02:a7:96:5b:42:
        1d:17:47:ec:44:bd:1c:cf:83:20:da:d6:a7:15:ff:50:96:66:
        86:ce:9f:cd:dc:1b:9a:28:b7:16:a7:3b:9e:0a:5f:d1:b6:95:
        73:52:dc:4e:49:a9:d1:38:a4:dc:53:f7:40:db:4f:74:d8:4d:
        b9:9e:93:d4:3d:95:00:da:3e:e6:83:3f:10:8b:69:24:77:ff:
        b0:0f:b5:68:24:88:e3:7c:81:36:d7:1a:6d:42:79:50:45:b4:
        fe:0c:19:d2:18:44:75:5e:da:6e:4e:cc:34:9b:8d:42:58:c7:
        4c:c3:10:42:61:86:23:9b:2c:a2:62:f8:57:24:b9:2d:a0:c2:
        ed:b0:e3:10:07:9b:51:10:a4:71:73:12:3a:75:a6:bc:59:ca:
        1c:7f:8a:26:24:f5:ee:01:80:1b:fb:62:4e:28:03:a8:8c:ff:
        f9:fc:3e:2b:d1:ba:48:c6:4f:77:16:fc:98:a0:06:95:ed:57:
        28:5d:2b:54:92:d5:21:84:22:aa:cc:2c:4b:97:e3:19:41:c5:
        9b:ca:6b:f1

Vulnerabilities

9 13 11 2

3306 / tcp

962713488 | 2025-03-27T18:55:34.414584

MySQL:
  Protocol Version: 10
  Version: 8.0.41-0ubuntu0.22.04.1
  Capabilities: 65535
  Server Language: 255
  Server Status: 2
  Extended Server Capabilities: 57343
  Authentication Plugin: caching_sha2_password

8080 / tcp

1410093119 | 2025-03-24T15:14:52.413337

Hashes

hash

1149153290

http.dom_hash

1804521491

http.html_hash

1410093119

http.server_hash

-675031582

http.title_hash

-22151114

Apache2 Ubuntu Default Page: It works

HTTP/1.1 200 OK
Date: Mon, 24 Mar 2025 15:14:42 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Wed, 28 Sep 2022 23:55:28 GMT
ETag: "29af-5e9c57ecd4e44"
Accept-Ranges: bytes
Content-Length: 10671
Vary: Accept-Encoding
Content-Type: text/html

Vulnerabilities

9 13 11 2

8081 / tcp

-1306694904 | 2025-03-06T21:17:08.635469

HTTP/1.1 200 OK
Date: Thu, 06 Mar 2025 21:16:59 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Wed, 28 Sep 2022 23:55:28 GMT
ETag: "29af-5e9c57ecd4e44"
Accept-Ranges: bytes
Content-Length: 10671
Vary: Accept-Encoding
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
  <!--
    Modified from the Debian original for Ubuntu
    Last updated: 2022-03-22
    See: https://launchpad.net/bugs/1966004
  -->
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <title>Apache2 Ubuntu Default Page: It works</title>
    <style type="text/css" media="screen">
  * {
    margin: 0px 0px 0px 0px;
    padding: 0px 0px 0px 0px;
  }

  body, html {
    padding: 3px 3px 3px 3px;

    background-color: #D8DBE2;

    font-family: Ubuntu, Verdana, sans-serif;
    font-size: 11pt;
    text-align: center;
  }

  div.main_page {
    position: relative;
    display: table;

    width: 800px;

    margin-bottom: 3px;
    margin-left: auto;
    margin-right: auto;
    padding: 0px 0px 0px 0px;

    border-width: 2px;
    border-color: #212738;
    border-style: solid;

    background-color: #FFFFFF;

    text-align: center;
  }

  div.page_header {
    height: 180px;
    width: 100%;

    background-color: #F5F6F7;
  }

  div.page_header span {
    margin: 15px 0px 0px 50px;

    font-size: 180%;
    font-weight: bold;
  }

  div.page_header img {
    margin: 3px 0px 0px 40px;

    border: 0px 0px 0px;
  }

  div.banner {
    padding: 9px 6px 9px 6px;
    background-color: #E9510E;
    color: #FFFFFF;
    font-weight: bold;
    font-size: 112%;
    text-align: center;
    position: absolute;
    left: 40%;
    bottom: 30px;
    width: 20%;
  }

  div.table_of_contents {
    clear: left;

    min-width: 200px;

    margin: 3px 3px 3px 3px;

    background-color: #FFFFFF;

    text-align: left;
  }

  div.table_of_contents_item {
    clear: left;

    width: 100%;

    margin: 4px 0px 0px 0px;

    background-color: #FFFFFF;

    color: #000000;
    text-align: left;
  }

  div.table_of_contents_item a {
    margin: 6px 0px 0px 6px;
  }

  div.content_section {
    margin: 3px 3px 3px 3px;

    background-color: #FFFFFF;

    text-align: left;
  }

  div.content_section_text {
    padding: 4px 8px 4px 8px;

    color: #000000;
    font-size: 100%;
  }

  div.content_section_text pre {
    margin: 8px 0px 8px 0px;
    padding: 8px 8px 8px 8px;

    border-width: 1px;
    border-style: dotted;
    border-color: #000000;

    background-color: #F5F6F7;

    font-style: italic;
  }

  div.content_section_text p {
    margin-bottom: 6px;
  }

  div.content_section_text ul, div.content_section_text li {
    padding: 4px 8px 4px 16px;
  }

  div.section_header {
    padding: 3px 6px 3px 6px;

    background-color: #8E9CB2;

    color: #FFFFFF;
    font-weight: bold;
    font-size: 112%;
    text-align: center;
  }

  div.section_header_grey {
    background-color: #9F9386;
  }

  .floating_element {
    position: relative;
    float: left;
  }

  div.table_of_contents_item a,
  div.content_section_text a {
    text-decoration: none;
    font-weight: bold;
  }

  div.table_of_contents_item a:link,
  div.table_of_contents_item a:visited,
  div.table_of_contents_item a:active {
    color: #000000;
  }

  div.table_of_contents_item a:hover {
    background-color: #000000;

    color: #FFFFFF;
  }

  div.content_section_text a:link,
  div.content_section_text a:visited,
   div.content_section_text a:active {
    background-color: #DCDFE6;

    color: #000000;
  }

  div.content_section_text a:hover {
    background-color: #000000;

    color: #DCDFE6;
  }

  div.validator {
  }
    </style>
  </head>
  <body>
    <div class="main_page">
      <div class="page_header floating_element">
        <img src="icons/ubuntu-logo.png" alt="Ubuntu Logo"
             style="width:184px;height:146px;" class="floating_element" />
        <div>
          <span style="margin-top: 1.5em;" class="floating_element">
            Apache2 Default Page
          </span>
        </div>
        <div class="banner">
          <div id="about"></div>
          It works!
        </div>

      </div>
      <div class="content_section floating_element">
        <div class="content_section_text">
          <p>
                This is the default welcome page used to test the correct 
                operation of the Apache2 server after installation on Ubuntu systems.
                It is based on the equivalent page on Debian, from which the Ubuntu Apache
                packaging is derived.
                If you can read this page, it means that the Apache HTTP server installed at
                this site is working properly. You should <b>replace this file</b> (located at
                <tt>/var/www/html/index.html</tt>) before continuing to operate your HTTP server.
          </p>

          <p>
                If you are a normal user of this web site and don't know what this page is
                about,

Vulnerabilities

9 13 11 2

8082 / tcp

-1145526156 | 2025-03-16T15:07:40.848807

Hashes

hash

-1581214202

http.dom_hash

-1471369429

http.favicon.hash

-162467451

http.html_hash

-1145526156

http.server_hash

-1924543807

http.title_hash

-1151840761

Traccar

HTTP/1.1 200 OK
Date: Sun, 16 Mar 2025 15:06:51 GMT
Last-Modified: Thu, 29 Sep 2022 00:19:35 GMT
Content-Type: text/html
Accept-Ranges: bytes
Cache-Control: max-age=3600,public
Content-Length: 685
Server: Jetty(10.0.7)

Vulnerabilities

5 3 6

8089 / tcp

1476687173 | 2025-03-25T16:46:34.614584

HTTP/1.1 200 OK
Date: Tue, 25 Mar 2025 16:46:34 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Wed, 28 Sep 2022 23:55:28 GMT
ETag: "29af-5e9c57ecd4e44"
Accept-Ranges: bytes
Content-Length: 10671
Vary: Accept-Encoding
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
  <!--
    Modified from the Debian original for Ubuntu
    Last updated: 2022-03-22
    See: https://launchpad.net/bugs/1966004
  -->
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <title>Apache2 Ubuntu Default Page: It works</title>
    <style type="text/css" media="screen">
  * {
    margin: 0px 0px 0px 0px;
    padding: 0px 0px 0px 0px;
  }

  body, html {
    padding: 3px 3px 3px 3px;

    background-color: #D8DBE2;

    font-family: Ubuntu, Verdana, sans-serif;
    font-size: 11pt;
    text-align: center;
  }

  div.main_page {
    position: relative;
    display: table;

    width: 800px;

    margin-bottom: 3px;
    margin-left: auto;
    margin-right: auto;
    padding: 0px 0px 0px 0px;

    border-width: 2px;
    border-color: #212738;
    border-style: solid;

    background-color: #FFFFFF;

    text-align: center;
  }

  div.page_header {
    height: 180px;
    width: 100%;

    background-color: #F5F6F7;
  }

  div.page_header span {
    margin: 15px 0px 0px 50px;

    font-size: 180%;
    font-weight: bold;
  }

  div.page_header img {
    margin: 3px 0px 0px 40px;

    border: 0px 0px 0px;
  }

  div.banner {
    padding: 9px 6px 9px 6px;
    background-color: #E9510E;
    color: #FFFFFF;
    font-weight: bold;
    font-size: 112%;
    text-align: center;
    position: absolute;
    left: 40%;
    bottom: 30px;
    width: 20%;
  }

  div.table_of_contents {
    clear: left;

    min-width: 200px;

    margin: 3px 3px 3px 3px;

    background-color: #FFFFFF;

    text-align: left;
  }

  div.table_of_contents_item {
    clear: left;

    width: 100%;

    margin: 4px 0px 0px 0px;

    background-color: #FFFFFF;

    color: #000000;
    text-align: left;
  }

  div.table_of_contents_item a {
    margin: 6px 0px 0px 6px;
  }

  div.content_section {
    margin: 3px 3px 3px 3px;

    background-color: #FFFFFF;

    text-align: left;
  }

  div.content_section_text {
    padding: 4px 8px 4px 8px;

    color: #000000;
    font-size: 100%;
  }

  div.content_section_text pre {
    margin: 8px 0px 8px 0px;
    padding: 8px 8px 8px 8px;

    border-width: 1px;
    border-style: dotted;
    border-color: #000000;

    background-color: #F5F6F7;

    font-style: italic;
  }

  div.content_section_text p {
    margin-bottom: 6px;
  }

  div.content_section_text ul, div.content_section_text li {
    padding: 4px 8px 4px 16px;
  }

  div.section_header {
    padding: 3px 6px 3px 6px;

    background-color: #8E9CB2;

    color: #FFFFFF;
    font-weight: bold;
    font-size: 112%;
    text-align: center;
  }

  div.section_header_grey {
    background-color: #9F9386;
  }

  .floating_element {
    position: relative;
    float: left;
  }

  div.table_of_contents_item a,
  div.content_section_text a {
    text-decoration: none;
    font-weight: bold;
  }

  div.table_of_contents_item a:link,
  div.table_of_contents_item a:visited,
  div.table_of_contents_item a:active {
    color: #000000;
  }

  div.table_of_contents_item a:hover {
    background-color: #000000;

    color: #FFFFFF;
  }

  div.content_section_text a:link,
  div.content_section_text a:visited,
   div.content_section_text a:active {
    background-color: #DCDFE6;

    color: #000000;
  }

  div.content_section_text a:hover {
    background-color: #000000;

    color: #DCDFE6;
  }

  div.validator {
  }
    </style>
  </head>
  <body>
    <div class="main_page">
      <div class="page_header floating_element">
        <img src="icons/ubuntu-logo.png" alt="Ubuntu Logo"
             style="width:184px;height:146px;" class="floating_element" />
        <div>
          <span style="margin-top: 1.5em;" class="floating_element">
            Apache2 Default Page
          </span>
        </div>
        <div class="banner">
          <div id="about"></div>
          It works!
        </div>

      </div>
      <div class="content_section floating_element">
        <div class="content_section_text">
          <p>
                This is the default welcome page used to test the correct 
                operation of the Apache2 server after installation on Ubuntu systems.
                It is based on the equivalent page on Debian, from which the Ubuntu Apache
                packaging is derived.
                If you can read this page, it means that the Apache HTTP server installed at
                this site is working properly. You should <b>replace this file</b> (located at
                <tt>/var/www/html/index.html</tt>) before continuing to operate your HTTP server.
          </p>

          <p>
                If you are a normal user of this web site and don't know what this page is
                about,

8443 / tcp

1503860046 | 2025-03-21T22:54:27.150102

Hashes

hash

-729790129

http.dom_hash

427300722

http.html_hash

1503860046

http.server_hash

-675031582

http.title_hash

1922230393

503 Service Unavailable

HTTP/1.1 503 Service Unavailable
Date: Fri, 21 Mar 2025 22:54:27 GMT
Server: Apache/2.4.52 (Ubuntu)
Content-Length: 380
Connection: close
Content-Type: text/html; charset=iso-8859-1

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:07:07:7c:99:5f:8c:3d:a9:25:70:33:87:c7:24:5b
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
        Validity
            Not Before: Apr  9 00:00:00 2024 GMT
            Not After : Apr  9 23:59:59 2025 GMT
        Subject: CN=brocatv.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c6:b4:80:b4:10:07:7c:c8:bf:ac:35:61:61:0a:
                    6c:49:ec:82:ae:d4:1e:18:1d:e1:e6:20:44:9a:f8:
                    e8:e8:6e:27:4c:74:b9:b1:99:a7:01:9e:3f:76:c2:
                    03:4e:f2:19:d9:98:ba:88:42:42:2f:01:bd:e7:66:
                    7f:bb:54:f2:70:b1:cd:37:8e:d5:f7:e0:3a:91:8d:
                    f3:34:dc:28:59:f8:ce:8f:0a:08:56:13:37:e0:9c:
                    ee:78:2e:2c:bd:93:b6:58:c3:33:3b:8d:ba:a1:79:
                    8f:71:54:ec:30:d1:fa:6b:1e:5b:78:d6:d4:0a:66:
                    6f:5f:41:62:49:4b:fd:49:e5:65:39:52:a1:4c:85:
                    e3:bc:b4:ae:c1:0d:6d:50:52:4b:f4:65:0f:c5:c3:
                    01:71:89:ee:45:34:88:eb:3a:98:a3:4c:e9:7a:60:
                    c9:8d:0d:42:a5:6a:52:68:3b:e6:d3:d5:dd:7d:84:
                    92:4e:4d:39:34:d7:df:16:b6:ba:e4:86:58:4b:a3:
                    90:17:16:d7:05:32:82:19:e2:28:43:1a:99:97:66:
                    29:1c:27:7d:e3:36:94:98:55:2c:18:16:7a:1e:42:
                    38:98:9e:30:f1:51:38:77:70:79:02:a6:bd:18:f2:
                    38:5a:11:84:5e:ae:33:21:51:e7:f8:ac:68:8a:77:
                    bb:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
            X509v3 Subject Key Identifier: 
                D4:2F:EB:EF:23:ED:68:CA:9B:27:A3:B8:FE:30:20:EA:5A:64:43:7E
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.7
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:brocatv.com, DNS:www.brocatv.com
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Apr  9 20:45:10.569 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:93:6D:24:65:6F:8D:4C:83:C5:79:66:
                                56:DE:5C:58:52:95:BF:F6:A8:BE:69:E4:6E:E5:2D:CF:
                                0A:04:39:6B:A6:02:20:72:F4:C1:35:C6:99:74:3D:8E:
                                F2:7F:7E:18:7C:03:16:B7:DB:EB:93:21:7B:5F:2F:06:
                                B8:BD:A9:5C:E4:30:A7
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Apr  9 20:45:10.448 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:0F:06:19:5E:83:0B:69:9E:26:F5:50:7E:
                                4D:C9:8D:41:CF:59:68:FB:CC:AA:9F:E3:A3:8B:F8:A3:
                                71:F2:43:E7:02:20:16:C7:70:F2:EE:1A:B5:93:E9:DD:
                                20:84:82:8B:0C:C9:51:C2:23:C0:8F:1A:00:79:A6:2A:
                                76:3E:AB:9A:9F:29
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Apr  9 20:45:10.447 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:59:78:9A:4A:63:DF:8D:60:3D:2F:34:12:
                                B3:99:41:26:97:B1:98:47:D1:ED:90:7D:EE:5E:EA:C6:
                                FC:62:5E:58:02:20:1F:4C:DA:9D:E6:90:6F:E0:7F:AD:
                                CA:E5:A0:0B:8F:54:8E:D4:32:AD:96:75:29:77:1E:69:
                                F4:BE:CF:67:78:02
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        2d:45:74:53:ea:2d:82:40:73:27:58:28:88:ce:ac:62:11:3b:
        b4:f9:61:f6:81:7c:66:33:24:e9:6c:dc:3d:15:b7:e0:19:48:
        3d:a9:c0:4d:ec:cf:bd:2a:fe:8c:d3:69:c8:02:a7:96:5b:42:
        1d:17:47:ec:44:bd:1c:cf:83:20:da:d6:a7:15:ff:50:96:66:
        86:ce:9f:cd:dc:1b:9a:28:b7:16:a7:3b:9e:0a:5f:d1:b6:95:
        73:52:dc:4e:49:a9:d1:38:a4:dc:53:f7:40:db:4f:74:d8:4d:
        b9:9e:93:d4:3d:95:00:da:3e:e6:83:3f:10:8b:69:24:77:ff:
        b0:0f:b5:68:24:88:e3:7c:81:36:d7:1a:6d:42:79:50:45:b4:
        fe:0c:19:d2:18:44:75:5e:da:6e:4e:cc:34:9b:8d:42:58:c7:
        4c:c3:10:42:61:86:23:9b:2c:a2:62:f8:57:24:b9:2d:a0:c2:
        ed:b0:e3:10:07:9b:51:10:a4:71:73:12:3a:75:a6:bc:59:ca:
        1c:7f:8a:26:24:f5:ee:01:80:1b:fb:62:4e:28:03:a8:8c:ff:
        f9:fc:3e:2b:d1:ba:48:c6:4f:77:16:fc:98:a0:06:95:ed:57:
        28:5d:2b:54:92:d5:21:84:22:aa:cc:2c:4b:97:e3:19:41:c5:
        9b:ca:6b:f1

Vulnerabilities

9 13 11 2

9000 / tcp

1190407585 | 2025-03-22T00:55:20.926790

Hashes

hash

-1292966366

http.dom_hash

-254539178

http.html_hash

1190407585

http.server_hash

-675031582

Reconocer - Panel de control

HTTP/1.1 200 OK
Date: Sat, 22 Mar 2025 00:55:20 GMT
Server: Apache/2.4.52 (Ubuntu)
Set-Cookie: ci_session=510982v8fd8l6p9nvmr1nh4ueota102s; expires=Sat, 22-Mar-2025 02:55:20 GMT; Max-Age=7200; path=/; HttpOnly; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Cache-Control: no-store, max-age=0, no-cache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Vulnerabilities

9 13 11 2

9600 / tcp

-1548212373 | 2025-03-21T10:13:41.232810

Hashes

hash

-1125793537

http.dom_hash

-1893914069

http.favicon.hash

-172724917

http.html_hash

-1548212373

http.server_hash

-675031582

http.title_hash

-1890809544

SPIGHA IOT | plataforma

HTTP/1.1 200 OK
Date: Fri, 21 Mar 2025 10:13:41 GMT
Server: Apache/2.4.52 (Ubuntu)
Set-Cookie: ci_session=g8t3icv712m75i3j2a35dgicnjqd80f1; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 4197
Content-Type: text/html; charset=UTF-8

Vulnerabilities

9998 / tcp

-1143857254 | 2025-03-26T10:45:29.047652

Hashes

hash

514012419

http.dom_hash

2027331783

http.html_hash

-1143857254

http.server_hash

-675031582

http.title_hash

-235103534

iot.spigha.online - En mantenimiento

HTTP/1.1 200 OK
Date: Wed, 26 Mar 2025 10:45:28 GMT
Server: Apache/2.4.52 (Ubuntu)
Set-Cookie: ci_session=jpnish50rokpqt1a882u2e1aklok7j0g; path=/; HttpOnly; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 428
Content-Type: text/html; charset=UTF-8

9999 / tcp

1410093119 | 2025-03-27T14:06:36.283223

Hashes

hash

-993846176

http.dom_hash

1804521491

http.html_hash

1410093119

http.server_hash

-675031582

http.title_hash

-22151114

Apache2 Ubuntu Default Page: It works

HTTP/1.1 200 OK
Date: Thu, 27 Mar 2025 14:06:36 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Wed, 28 Sep 2022 23:55:28 GMT
ETag: "29af-5e9c57ecd4e44"
Accept-Ranges: bytes
Content-Length: 10671
Vary: Accept-Encoding
Content-Type: text/html

Vulnerabilities

9 13 11 2

10000 / tcp

-821346376 | 2025-03-14T20:23:36.764953

Hashes

hash

-238519058

http.dom_hash

907682094

http.favicon.hash

-95050582

http.html_hash

-821346376

http.server_hash

511324727

http.title_hash

1072598638

HTTP/1.0 200 Document follows
Date: Fri, 14 Mar 2025 20:23:36 GMT
Server: MiniServ
Connection: close
Auth-type: auth-required=1
Set-Cookie: redirect=1; path=/; secure; httpOnly
Set-Cookie: testing=1; path=/; secure; httpOnly
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self'; child-src 'self'
X-Content-Type-Options: nosniff
X-no-links: 1
Content-type: text/html; Charset=UTF-8

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:05:64:ef:54:5c:93:bf:05:17:73:d5:08:e9:1a:84:f7:c0:70:51
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: O=Webmin web server on enterprise, CN=*/emailAddress=root@enterprise
        Validity
            Not Before: Sep 30 17:31:51 2022 GMT
            Not After : Sep 29 17:31:51 2027 GMT
        Subject: O=Webmin web server on enterprise, CN=*/emailAddress=root@enterprise
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d0:a0:f7:f8:9b:59:0e:19:26:2b:3e:6e:7a:0b:
                    60:7f:80:29:a5:c0:7f:72:b6:75:f7:87:93:07:8b:
                    fc:fa:6b:9a:00:68:2b:d6:33:f0:69:f2:be:69:83:
                    ce:59:c8:3e:9c:08:d8:bf:e3:ed:5b:d0:3f:b6:fe:
                    e0:2a:2b:54:c2:71:2b:f1:40:6a:ed:19:0f:fe:cb:
                    7f:93:5e:73:89:1f:85:df:b7:85:07:37:2a:a5:38:
                    00:21:0b:37:cd:02:fa:6c:71:bb:5a:85:a2:2a:68:
                    91:ae:6e:e9:c9:62:d1:70:d0:34:27:cc:6c:ee:03:
                    d6:10:97:8a:41:45:2e:32:2d:4c:0d:b1:4e:57:24:
                    cc:86:12:45:3d:10:f0:af:b3:00:f7:6f:08:75:b9:
                    2a:cf:d9:fc:27:f9:2a:46:7c:06:07:b4:f0:b4:0e:
                    0d:9d:be:9c:94:1a:41:3e:5a:e7:5b:8a:14:7e:0b:
                    29:b5:49:07:5f:cb:ed:ff:13:b5:f3:1a:23:08:e0:
                    24:12:85:69:86:1c:ec:96:54:06:ce:2b:28:52:89:
                    c8:ae:db:97:c6:6f:a1:8d:de:93:87:25:87:93:d8:
                    8f:f7:0d:07:97:b0:ec:af:33:c3:93:11:61:95:83:
                    4c:7f:e3:fd:b4:a0:ae:fa:8a:99:f6:76:e4:3a:e4:
                    7c:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                A7:E2:30:43:C8:A9:62:C1:B6:AE:11:AE:84:31:84:06:0A:B1:B3:02
            X509v3 Authority Key Identifier: 
                A7:E2:30:43:C8:A9:62:C1:B6:AE:11:AE:84:31:84:06:0A:B1:B3:02
            X509v3 Basic Constraints: critical
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        2d:ee:cc:a4:f9:e4:7a:f6:7e:66:8f:b1:c5:c2:a3:ec:f1:47:
        2c:36:ed:df:0b:08:ca:b2:e0:0e:d8:8b:43:a5:a8:c8:fb:ab:
        24:a2:98:7b:50:98:05:26:1e:a4:73:75:08:2e:2f:cb:1e:d8:
        02:bb:f4:1f:b2:88:43:3d:81:44:9b:37:9b:46:7a:67:7b:75:
        e4:62:2d:54:ea:35:d4:31:e2:d9:ad:a4:ef:c7:e3:08:d1:b1:
        93:6f:3a:56:c7:c5:70:ae:35:b7:0d:a9:9a:fe:10:53:c5:f5:
        b1:4c:94:7d:b9:cd:94:bc:88:ed:94:4f:fa:46:02:b5:62:73:
        d5:80:9d:3b:e1:88:9a:70:96:4e:b0:1b:fc:2c:d0:3f:a7:13:
        a5:fc:62:94:44:18:c5:fb:d0:e7:9f:83:6e:d9:2b:d8:7c:2c:
        5d:1a:3f:7b:0a:16:6b:c3:33:a0:43:2d:a4:9f:aa:4a:af:c7:
        7e:ce:77:d0:4d:4d:2f:9c:89:0a:9f:9a:a6:87:84:30:cc:fc:
        53:59:1f:61:c6:f9:3d:71:5b:c0:13:75:1b:9f:a0:aa:31:7d:
        f9:62:47:db:6c:6c:16:15:2c:e3:94:d0:9a:3a:0e:98:a5:5f:
        a3:16:2f:23:02:c4:cc:68:08:a1:25:74:8e:97:a6:ec:9a:3f:
        a2:38:f8:9c

30000 / tcp

-1264071599 | 2025-03-11T07:53:32.344179

220 (vsFTPd 3.0.5)\r\n

33060 / tcp

-795948505 | 2025-03-22T18:31:06.586668

MySQL X Protocol:
  tls: False
  authentication.mechanisms:
    MYSQL41
    SHA256_MEMORY
  doc.formats: text
  client.interactive: False
  compression:
    algorithm:
      deflate_stream
      lz4_message
      zstd_stream
  node_type: mysql
  client.pwd_expire_ok: False

186.64.101.225

Last Seen: 2025-03-27

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 443 Port 8080 Port 8081 Port 8082 Port 8443 Port 9000 Port 9600 Port 9999 Latest CVSS

OpenPorts

99 / tcp 1410093119 | 2025-03-22T11:34:49.245583

Hashes

443 / tcp 498353573 | 2025-03-21T10:30:27.143760

Hashes

3306 / tcp 962713488 | 2025-03-27T18:55:34.414584

8080 / tcp 1410093119 | 2025-03-24T15:14:52.413337

Hashes

8081 / tcp -1306694904 | 2025-03-06T21:17:08.635469

8082 / tcp -1145526156 | 2025-03-16T15:07:40.848807

Hashes

8089 / tcp 1476687173 | 2025-03-25T16:46:34.614584

8443 / tcp 1503860046 | 2025-03-21T22:54:27.150102

Hashes

9000 / tcp 1190407585 | 2025-03-22T00:55:20.926790

Hashes

9600 / tcp -1548212373 | 2025-03-21T10:13:41.232810

Hashes

9998 / tcp -1143857254 | 2025-03-26T10:45:29.047652

Hashes

9999 / tcp 1410093119 | 2025-03-27T14:06:36.283223

Hashes

10000 / tcp -821346376 | 2025-03-14T20:23:36.764953

Hashes

30000 / tcp -1264071599 | 2025-03-11T07:53:32.344179

33060 / tcp -795948505 | 2025-03-22T18:31:06.586668

Products

Pricing

Contact Us

Vulnerabilities

99 / tcp

1410093119 | 2025-03-22T11:34:49.245583

443 / tcp

498353573 | 2025-03-21T10:30:27.143760

3306 / tcp

962713488 | 2025-03-27T18:55:34.414584

8080 / tcp

1410093119 | 2025-03-24T15:14:52.413337

8081 / tcp

-1306694904 | 2025-03-06T21:17:08.635469

8082 / tcp

-1145526156 | 2025-03-16T15:07:40.848807

8089 / tcp

1476687173 | 2025-03-25T16:46:34.614584

8443 / tcp

1503860046 | 2025-03-21T22:54:27.150102

9000 / tcp

1190407585 | 2025-03-22T00:55:20.926790

9600 / tcp

-1548212373 | 2025-03-21T10:13:41.232810

9998 / tcp

-1143857254 | 2025-03-26T10:45:29.047652

9999 / tcp

1410093119 | 2025-03-27T14:06:36.283223

10000 / tcp

-821346376 | 2025-03-14T20:23:36.764953

30000 / tcp

-1264071599 | 2025-03-11T07:53:32.344179

33060 / tcp

-795948505 | 2025-03-22T18:31:06.586668